Related commands
display role
•
interface policy deny
•
•
rule
vlan policy deny
•
vpn-instance policy deny
•
role default-role enable
Use role default-role enable to enable the default user role feature for remote AAA users.
Use undo role default-role enable to restore the default.
Syntax
role default-role enable
undo role default-role enable
Default
The default user role function is disabled. AAA users who do not have a user role cannot log in to the
device.
Views
System view
Predefined user roles
network-admin
Usage guidelines
The default user role function allows AAA-authenticated users to access the system if the AAA server does
not authorize any user roles to the users.
You can configure this function to enable an AAA-authenticated user who has not been assigned any
user role to log in with the default user role network-operator.
If AAA users have been assigned user roles, they log in with the user roles.
Examples
# Enable the default user role feature.
<Sysname> system-view
[Sysname] role default-role enable
Related commands
role
role feature-group
Use role feature-group to create a user role feature group and enter user role feature group view.
Use undo role feature-group to delete a user role feature group.
Syntax
role feature-group name feature-group-name
28